KB: Adding Bonding & Link Encryption to RSL10 FOTA


[RSL10 - Knowledge Base]


Question

The RSL10 comes with a functional FOTA (Firmware Over the Air) Library, Smartphone Application and Windows UI Tool that can be used as a starting point to develop your own FOTA capabilities in various solutions. The firmware, tools and documentation are able to provide developers with all of the information and examples required to add FOTA capabilities to any firmware running on RSL10, but it is also possible to expand upon these implementations to add additional functionality.

As an example, if you require another level of security around the firmware image file that is being communicated over the air, you can leverage the Bonding and Encrypted Link capabilities that are already present in the RSL10 Bluetooth Low Energy Stack to protect the firmware being exchanged. What are the high-level steps that are required to implement this functionality?


Recommendation

By default, the RSL10 FOTA implementation (along with the Smartphone Application and Windows UI Tool) only makes use of a Just Works Bluetooth Low Energy connection, and will therefore require changes to both the RSL10 Peripheral FOTA firmware and the Central FOTA delivery firmware if you would like to add support for Bonding and Encrypted Link. This post will cover the changes required within the RSL10 firmware, but can also act as a guide to changing the Central side of the link.

In the original FOTA firmware, the Central device will begin the FOTA transfer once the Bluetooth Low Energy connection has been created with the RSL10’s DFU Standalone firmware. In order to add Bonding and Encrypted Link negotiating, the Central device will instead need to initiate the Bonding procedure of your choice, followed by enabling Link Encryption prior to starting the FOTA exchange.

Given that most of the FOTA exchange is governed by the Central device, the RSL10 will only need to add handling for the Bonding and Link Encryption negotiations, and can add a Bond/Encryption check prior to allowing the Central device to start sending the firmware image. These changes need to be made within the FOTA Library source code that is provided externally in the RSL10 Software CMSIS Package and built to create a new custom FOTA Library file. Specifically, support for Bonding and Link Encryption needs to be added to the app_ble.c files, and a check to ensure these features have been negotiated needs to be added before the FOTA Handshake can be completed successfully.